Pages

Thursday, March 27, 2014

So You’re Compliant, But Are You Secure?

Do you really know the difference between compliance and
security? Enterprises often make the
mistake of thinking that being compliant is synonymous with being secure. The
reality is that security is often inadequate when people rely solely on
compliance requirements to get the job done, rather than simply using them as
guidelines for creating a secure network infrastructure. Passing a compliance
test or audit does not guarantee that your network, infrastructure, or
information is secure. With the growing number of hackers, theft, and fraud
over the internet, no one is safe. Understanding your IT risks and the best
ways to prevent attacks will help achieve both compliance AND security.

Juniper Network’s WebApp Secure addresses both compliance
and security by delivering the smartest way to secure websites and web
applications against hackers, fraud, and theft. WebApp Secure is the first Web
Intrusion Deception System that provides zero false positives, blocks attacks,
and prevents and deceives potential attackers in real time. To proactively
identify attackers before they do damage, WebApp Secure uses deceptive
techniques and inserts detection points, or tar traps into the code of outbound
Web application traffic. Traditional signature-based Web application firewalls,
while providing the necessary security mechanisms to maintain compliance, fall
short because they rely on a library of signatures and are always susceptible
to unknown or “zero-day” exploits and Web attacks. WebApp Secure inserts detection points into
web code which creates a random and variable minefield within the web
application. By using tar traps to
entice and detect attackers, WebApp Secure is able to provide compliance as well
as security with zero false positives.

WebApp Secure does
not rely solely on an attacker’s IP Address since it is possible that legitimate
users could be accessing your site from the same location or IP address. Instead, WebApp Secure uses a complete device
fingerprinting method based on over 200 unique system identifiers to create a
comprehensive profile of each attacker it sees.
Attackers using a browser-based method to hack your website will be
tracked by injecting a persistent token into their client called a “super
cookie”. Even if that user clears their cookies and cache, the token will still
persist in all browsers. Attackers that use automated tools, software, and
scripts are tracked using a fingerprinting technique to identify the machine
delivering the script.

In addition to device fingerprinting, smart profiling
technology is used to determine the best response to attacks. Responses can be
as simple as a warning or as deceptive as simulating a broken site. The attacker thinks that they are having a
negative effect on the site, while normal users see the site as they should -
fully functional. Every detected attacker profile receives a threat level based
on the overall maliciousness and level of sophistication of attack. Configuring automatic actions for given
threat levels allows security administrators to prevent attacks in real time.
Juniper Networks WebApp Secure works continuously to detect, track, and protect
against any attacks allowing your enterprise to be both compliant and secure.

If you're interested in learning more, we are co-hosting Juniper Tech Days in Toledo, Indianapolis, and Louisville in April. Find out more here.